Banking Fraud: Where is the Liability - With the Customer, Bank or Vendor?

Banking Fraud: Where is the Liability - With the Customer, Bank or Vendor?

Premium Members Only Video - Exclusive expert insight on PATCO fraud case

When a business banking account is breached, who is liable - the customer whose credentials were stolen, or the bank that failed to catch the transaction? Fraud experts debate the question and review recent cases.

At the heart of each of these disputes is the fundamental question: Who should be held liable for the losses? Is it the customer who fell victim to the fraudsters? The banking institution that failed to prevent the anomalous transactions? Or even the third-party service provider responsible for the bank's anti-fraud controls?

Among the topics they discuss:

  • An overview of the PATCO Construction fraud case;
  • Recent court decisions re: online banking fraud;
  • Anti-fraud technologies to help detect and prevent fraud;
  • How organizations can avoid being he victims of costly litigation.


In 2009, PATCO Construction, a family-owned firm, made national news when it revealed that fraudsters had drained more than $580,000 in a series of bogus transactions from the company's commercial account with the former Ocean Bank. PATCO sued the bank, arguing that the institution did not comply with existing regulatory requirements for multifactor authentication.

In May 2011, a U.S. District Court ruled in favor of the bank. But a federal appeals court disagreed. In July of 2012, the First Circuit Court of Appeals called Ocean Bank's security procedures "commercially unreasonable," reversing the lower court's ruling and further recommending that the two parties pursue an out-of-court settlement.

PATCO is but one of scores of U.S. businesses victimized since this surge of account takeover fraud began in 2009. And this case is but one of several high-profile lawsuits pitting banking institutions against their customers. Other recent cases include Calif.-based Village View Escrow Inc., which reached an out-of-court settlement with Professional Business Bank over a dispute involving nearly $400,000 in fraud losses. And Mississippi-based BancorpSouth filed a counterclaim against Choice Escrow and Land Title LLC of Missouri, saying the customer is solely responsible for $440,000 in losses after fraudsters compromised Choice's username and password.

In this panel discussion, Tracy Kitten, Managing Editor of BankInfoSecurity, will explore this liability question with a broad range of industry experts. Panelists include Joseph Burton, an attorney who specializes in cybercrime litigation, with a particular eye on account takeover cases; Bill Nelson, President and CEO of FS-ISAC, the banking industry group that has worked tirelessly to promote enhanced detection and prevention of account takeover; Dan Mitchell, attorney for PATCO Construction, the noted fraud victim that sued its bank and won on appeal; and George Tubin, longtime banking and fraud expert who currently serves as senior security strategist for security vendor Trusteer.

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.